<?php
require("cap.php");
require("classes/App.php");
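$app = new App();

	// Admin-only user deletion, requested through the ?del_user=<id> link in the user list.
	// NOTE(review): the admin test relies on $_COOKIE['uid'], a value the client sets.
	// Unless cap.php or App ties that cookie to a server-side session (not visible in
	// this file), the check is not an authorization boundary. TODO: take the user id
	// from $_SESSION after a verified login.
	// NOTE(review): a state-changing GET has no CSRF protection; this should become a
	// POST that carries a per-session token.
	$delUser = (isset($_GET['del_user']) and is_string($_GET['del_user'])) ? $_GET['del_user'] : '';
	$isAdmin = (isset($_COOKIE['uid']) and $_COOKIE['uid'] === '1');
	// del_user used to be concatenated into the statement unescaped (SQL injection).
	// Only a run of digits is accepted now, and the integer form is what reaches the
	// query. User 1 can never be deleted, as before.
	if($isAdmin and ctype_digit($delUser) and (int)$delUser !== 1)
		$app->myQuery("DELETE from `users` WHERE `user_id`='".(int)$delUser."'",
						"trixbi");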
		
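	// Admin-only: create a user from the "add user" form (login, name, password).
	// NOTE(review): the admin test relies on the client-supplied uid cookie; see whether
	// cap.php/App validates it against a session. The form also carries no CSRF token.
	if(isset($_POST['addUser']) and isset($_COOKIE['uid']) and $_COOKIE['uid'] === '1'){
		// Missing or non-string fields (e.g. login[]=x) are treated as empty instead of
		// raising notices or reaching md5() as arrays.
		$rawLogin = (isset($_POST['login']) and is_string($_POST['login'])) ? $_POST['login'] : '';
		$rawName = (isset($_POST['name']) and is_string($_POST['name'])) ? $_POST['name'] : '';
		$rawPass = (isset($_POST['password']) and is_string($_POST['password'])) ? $_POST['password'] : '';
		// The previous check measured strlen(md5(md5(...))), which is always 32, so an
		// empty password was accepted. The submitted password itself is tested now.
		if((strlen($rawLogin) != 0) and (strlen($rawPass) != 0)){
			// NOTE(review): mysql_escape_string() does not know the connection charset and
			// was removed in PHP 7. If App can run prepared statements, bind these values.
			$logname = mysql_escape_string($rawLogin);
			$name = mysql_escape_string($rawName);
			// NOTE(review): md5(md5()) is unsalted and fast to brute-force. It is kept only
			// because the login code (not shown) presumably compares against this format;
			// migrate both sides to password_hash()/password_verify().
			$pass = md5(md5($rawPass));
			$app->myQuery("INSERT INTO `users` (`user_login`, `user_name`, `user_password`) VALUES ('".$logname."', '".$name."', '".$pass."')",
							"trixbi");
		}
	}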
	
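	// Save the free-text "details" field for the current user.
	// NOTE(review): the row to update is chosen by $_COOKIE['uid'], which the client
	// controls, so this form can target any user's row unless the cookie is verified
	// against a server-side session elsewhere (not visible here). No CSRF token either.
	if(isset($_POST['addDetails'])){
		$uidRaw = (isset($_COOKIE['uid']) and is_string($_COOKIE['uid'])) ? $_COOKIE['uid'] : '';
		$text = (isset($_POST['text']) and is_string($_POST['text'])) ? $_POST['text'] : '';
		// A missing cookie used to raise an undefined-index notice and run the UPDATE
		// with an empty id. The id must now be a run of digits and is sent as an integer.
		if(ctype_digit($uidRaw)){
			$uid = (int)$uidRaw;
			// NOTE(review): mysql_escape_string() is charset-unaware and removed in PHP 7;
			// prefer a bound parameter if App supports prepared statements.
			$details = mysql_escape_string($text);
			$app->myQuery("UPDATE `users` SET `user_details`='".$details."' WHERE `user_id`='".$uid."'",
							"trixbi");
		}
	}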

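	// MIME types accepted for a user logo.
	$logoType = Array("image/bmp",
			"image/jpeg",
			"image/pjpeg",
			"image/gif",
			"image/png",
			"image/x-png");
	// Store an uploaded logo (under 128 KiB, non-empty) in the current user's row.
	if(isset($_POST['addLogo'])){
		$logo = (isset($_FILES['logo']) and is_array($_FILES['logo'])) ? $_FILES['logo'] : Array();
		$logoUid = (isset($_COOKIE['uid']) and is_string($_COOKIE['uid'])) ? $_COOKIE['uid'] : '';
		// $_FILES[...]['type'] is whatever the browser declared, so the allow-list alone
		// says nothing about the bytes. The upload must also have completed without
		// error, be a genuine PHP upload, and be recognised by getimagesize().
		// NOTE(review): getimagesize() only inspects the header; re-encoding the image
		// before storing it would be a stronger guarantee.
		$logoOk = (isset($logo['error'], $logo['tmp_name'], $logo['type'], $logo['size'])
			and $logo['error'] === UPLOAD_ERR_OK
			and is_string($logo['tmp_name'])
			and is_uploaded_file($logo['tmp_name'])
			and in_array($logo['type'], $logoType, TRUE)
			and (131072 > $logo['size'])
			and (0 != $logo['size'])
			and (getimagesize($logo['tmp_name']) !== FALSE));
		if($logoOk){
			// The cookie value used to be concatenated into the WHERE clause unescaped
			// (SQL injection); it must be a run of digits and is sent as an integer.
			// NOTE(review): the cookie is still client-controlled, so the target row is
			// not authenticated here.
			if(ctype_digit($logoUid)){
				$imgTmp = $logo['tmp_name'];
				// Safe to interpolate: restricted to the literal values in $logoType above.
				$imgType = $logo['type'];
				// NOTE(review): addslashes() is not safe with every connection charset;
				// bind the blob as a parameter if App supports prepared statements.
				$imgBin = addslashes(file_get_contents($imgTmp));
				$app->myQuery("UPDATE `users` SET `user_logo`='".$imgBin."', `user_logo_type`='".$imgType."' WHERE `user_id`='".(int)$logoUid."'",
								"trixbi");
			}
		}
		else
			echo $var_add_logo_error;
	}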

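	// Page header and menu; presumably rendered by App (see classes/App.php) from the
	// $var_* captions, which are not defined in this file.
	$app->Cap($var_cap_admin, $var_title);
	$app->printMenu($var_main, $var_admin, $var_rates, $var_exit, TRUE);
	
	// A missing uid cookie used to raise an undefined-index notice inside the page
	// markup; it now simply means "not admin". The comparison is strict so that only
	// the exact value '1' matches.
	// NOTE(review): the cookie is client-controlled, so this decides what is displayed,
	// not what is permitted. The forms below carry no CSRF token.
	$isAdmin = (isset($_COOKIE['uid']) and $_COOKIE['uid'] === '1');

	echo '<table><tr>';
	if($isAdmin){
	// "Add user" form, shown to the admin only.
	echo '<td valign="top"><table id="t_border" width="100%">
			<form method="POST">
			<tr>
				<td>'.$var_login.' </td><td><input type="text" name="login"></td>
			</tr>
			<tr>
				<td>'.$var_name.' </td><td><input type="text" name="name"></td>
			</tr>
			<tr>
				<td>'.$var_password.' </td><td><input type="password" name="password"></td>
			</tr>
			<tr>
				<td></td><td align="right"><input type="submit" name="addUser" value="'.$var_add.'"></td>
			</tr>
			</form>
			</table></td>';
	echo '<td valign="top" rowspan="2">';
	}
	else echo '<td valign="top">';
	// Opens the password-change table; it is closed after the user list is printed.
	echo '<table id="t_border">
			<form method="POST">';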
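	// Password-change list: the admin sees every user (with a delete link), anyone else
	// sees only the row whose id matches their uid cookie. A submitted "chPasswd" form
	// updates the password of each visible row whose new_pass<id> field is non-empty.
	// NOTE(review): both the admin test and the "own row" test rely on the
	// client-supplied uid cookie, and no current password or CSRF token is required.
	// Verify the identity against a server-side session before allowing the update.
	$users = $app->myQuery("select * from `users`","trixbi",TRUE);
	$isAdmin = (isset($_COOKIE['uid']) and $_COOKIE['uid'] === '1');
	$ownUid = (isset($_COOKIE['uid']) and is_string($_COOKIE['uid'])) ? $_COOKIE['uid'] : '';
	// A separate loop variable is used; the original reused $users and overwrote the list.
	foreach($users as $row){
		// user_id is interpolated unquoted into SQL below, so it is forced to an integer.
		$rowId = (int)$row['user_id'];
		$isOwn = (ctype_digit($ownUid) and (int)$ownUid === $rowId);
		if(!$isAdmin and !$isOwn)
			continue;
		if(isset($_POST['chPasswd'])){
			$field = 'new_pass'.$rowId;
			// A missing or non-string field is treated as "no change" instead of raising a notice.
			$upass = (isset($_POST[$field]) and is_string($_POST[$field])) ? $_POST[$field] : '';
			// NOTE(review): md5(md5()) is unsalted and fast to brute-force; kept only for
			// compatibility with the login check (not shown). Migrate to password_hash().
			if(strlen($upass) != 0)
				$app->myQuery("update users set `user_password`='".md5(md5($upass))."' where `user_id`=".$rowId."","trixbi");
		}
		// user_login comes from the database and was printed raw (stored XSS).
		// NOTE(review): htmlspecialchars() uses PHP's default charset here; pass the page
		// encoding as the third argument if the site is not UTF-8.
		$login = htmlspecialchars($row['user_login'], ENT_QUOTES);
		if($isAdmin)
			echo '<tr><td id="italic" align="right">'.$login.'</td><td><input type="password" name="new_pass'.$rowId.'" />
					</td><td><a href="?del_user='.$rowId.'"><img src="./img/delete.png"></a></td></tr>';
		else
			echo '<tr rowspan="2"><td id="italic" align="right">'.$login.'</td><td><input type="password" name="new_pass'.$rowId.'" /></td></tr>';
	}
	echo '<tr><td></td><td align="right"><input type="submit" name="chPasswd" value="'.$var_change.'" /></td></tr>';
	echo '</form>
			</table>';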
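	echo '</td><td valign="top" rowspan="2">';
	
	// Logo panel: the current logo (served by get_img.php) and the upload form.
	// The uid cookie used to be written into the src attribute raw, so a crafted cookie
	// value could break out of the attribute. It is now URL-encoded and HTML-escaped;
	// a numeric id renders exactly as before, a missing cookie renders as an empty id.
	$logoUid = (isset($_COOKIE['uid']) and is_string($_COOKIE['uid'])) ? $_COOKIE['uid'] : '';
	$logoUidAttr = htmlspecialchars(rawurlencode($logoUid), ENT_QUOTES);
	// NOTE(review): the upload form carries no CSRF token.
	echo '<table id="t_border" width="250px">
			<tr>
				<td colspan="2" align="center"><img src="get_img.php?id='.$logoUidAttr.'" width="100"></td>
			</tr>
			<form enctype="multipart/form-data" method="POST">
			<tr><td colspan="2">'.$var_add_logo.':<br /><dfn>'.$var_add_logo_recomends.'</dfn></td></tr>
			<input type="hidden" name="" value="" />
			<tr><td align="right"><input name="logo" type="file" /></td></tr>
			<tr><td align="right"><input type="submit" name="addLogo" value="'.$var_upload.'"></td></tr>
			</form></table>';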
	
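	echo '</td></tr><tr><td valign="top">';
	// "Details" form for the current user, pre-filled with the stored text.
	// The uid cookie used to be concatenated into the SELECT unescaped (SQL injection);
	// the query now runs only for a run of digits and receives the integer form.
	// NOTE(review): the cookie is client-controlled, so this can display another user's
	// details unless the id is verified against a server-side session elsewhere.
	$detailsUid = (isset($_COOKIE['uid']) and is_string($_COOKIE['uid'])) ? $_COOKIE['uid'] : '';
	$detailsText = '';
	if(ctype_digit($detailsUid)){
		$details = $app->myQuery("SELECT `user_details` FROM `users` WHERE `user_id`='".(int)$detailsUid."'",
									"trixbi",
									TRUE);
		// The original `foreach($details as $details);` ended in a stray semicolon: it
		// only left the last row in $details, and the form below was printed regardless.
		// That outcome is kept explicitly: last row wins, empty text when there is none.
		if($details)
			foreach($details as $row)
				$detailsText = (string)$row['user_details'];
	}
	// user_details is user-supplied and was printed raw inside <textarea> (stored XSS).
	// NOTE(review): htmlspecialchars() uses PHP's default charset here; pass the page
	// encoding as the third argument if the site is not UTF-8.
	echo '<table id="t_border" width="250px">
					<form method="POST">
					<tr><td>'.$var_details.':</td></tr>
					<tr><td valign="top"><textarea name="text" rows="5" cols="30">'.htmlspecialchars($detailsText, ENT_QUOTES).'</textarea></td></tr>
					<tr><td align="right"><input type="submit" name="addDetails" value="'.$var_add.'"></td></tr>
					</form>
					</table>';
	echo '</td>';
	echo '</td></tr></table></body></html>';
unset($app);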
?>
